package com.hnxxxy.common.shiro;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.*;

/**
 * @Description:
 * @Author: SUHUI
 * @EMAIL:13319575368@163.COM
 * @Date: 2020/4/22 12:36
 * @ACTION:shiro配置类
 * @return: null
 **/
@Configuration
public class ShiroConfig {
    /**
     * @Description:shiro securityManager
     * @Author: SUHUI
     * @EMAIL:13319575368@163.COM
     * @Date: 2020/5/21 22:27
     **/
    @Bean(name = "securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //关联realm
        List<Realm> realms = new ArrayList<Realm>(2);
        realms.add(userRealm);
        securityManager.setRealms(realms);
        return securityManager;
    }

    /**
     * @Description:自定义Realm
     * @Author: SUHUI
     * @EMAIL:13319575368@163.COM
     * @Date: 2020/5/21 22:27
     **/
    @Bean(name = "userRealm")
    public UserRealm getRealm() {
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        matcher.setHashAlgorithmName("MD5");
        matcher.setHashIterations(1000);
        //此处的设置，true加密用的hex编码，false用的base64编码
        matcher.setStoredCredentialsHexEncoded(false);
        UserRealm userRealm = new UserRealm();
        userRealm.setCredentialsMatcher(matcher);
        return userRealm;
    }

    /**
     * @Description:自定义shiro过滤器
     * @Author: SUHUI
     * @EMAIL:13319575368@163.COM
     * @Date: 2020/5/21 22:27
     **/
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager securityManager) {

        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();

        //设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        /**
         * Shiro内置过滤器，可以实现权限相关的拦截器
         *    常用的过滤器：
         *       anon: 无需认证（登录）可以访问
         *       authc: 必须认证才可以访问
         *       user: 如果使用rememberMe的功能可以直接访问 user[]
         *       perms： 该资源必须得到资源权限才可以访问 perms[user:add]
         *       role: 该资源必须得到角色权限才可以访问
         */
        Map<String, String> filterMap = new LinkedHashMap<String, String>();
        filterMap.put("/", "anon");
        filterMap.put("/_view/**", "anon");
        filterMap.put("/js/**", "anon");
        filterMap.put("/common/**", "anon");
        filterMap.put("/css/**", "anon");
        filterMap.put("/upload/**", "anon");
        filterMap.put("/images/**", "anon");
        filterMap.put("/plugins/**", "anon");
        filterMap.put("/sys/toLogin", "anon");
        filterMap.put("/jf/**", "anon");
        filterMap.put("/total/**", "anon");
/*
        filterMap.put("/sys/loginOut", "logout");
*/

        //修改调整的登录页面
        shiroFilterFactoryBean.setLoginUrl("/");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);
        return shiroFilterFactoryBean;
    }


    /**
     * @Description:开启前端thymeleaf中shiro标签使用
     * @Author: SUHUI
     * @EMAIL:13319575368@163.COM
     * @Date: 2020/5/21 22:27
     **/
    @Bean
    public ShiroDialect getShiroDialect() {
        return new ShiroDialect();
    }


    /**
     * @Description:开启shiro注解支持（AOP）
     * @Author: SUHUI
     * @EMAIL:13319575368@163.COM
     * @Date: 2020/5/21 22:27
     **/
    @Bean
    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        advisorAutoProxyCreator.setProxyTargetClass(true);
        return advisorAutoProxyCreator;
    }

    /**
     * @Description:开启shiro注解支持
     * @Author: SUHUI
     * @EMAIL:13319575368@163.COM
     * @Date: 2020/5/21 22:27
     **/
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(@Qualifier("securityManager") DefaultWebSecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }


    /**
     * Shiro生命周期处理器
     */
    @Bean
    public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }


}